My research area is computer security. Specifically, my interests include systems security, program analysis for security, virtualization, trusted computing, and access control. I have published over 175 peer-reviewed papers on these subjects. See DBLP and Google Scholar or "See My Publications" below.
My work has been funded by the National Science Foundation (CNS-0627551, CNS-0721579, CNS-0905343, CNS-0931914, CNS-1117692, CNS-1408880, CNS-1801534, and CNS-1816282), the Defense Advanced Research Projects Agency, Air Force Research Lab, Army Research Lab, Office of Naval Research, Air Force Office of Scientific Research, and a number of industrial sponsors, including Google, Samsung, Cisco, and HP Labs. Their support is gratefully acknowledged.
Current Research Highlights
Software Security
A recent focus is memory safety validation. Researchers have speculated that a large fraction of memory accesses in C/C++ programs cannot violate memory safety, but we do not yet take advantage of this hypothesis to protect memory systematically. We have built analyses for heap memory safety validation (ACM CCS 2024) and stack memory safety validation (NDSS 2022), and in an IEEE S&P 2024 paper we examine how memory safety validation can be a path to memory safety enforcement and to improved security more broadly. We are applying this work to make memory safety in C/C++ explicit, including in our SoK paper on eBPF (IEEE S&P 2025) and in detecting threats to driver isolation (ACSAC 2025). Also, see our USENIX Security 2024 papers on improving the performance of memory safety enforcement for spatial safety and for type safety.
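The idea behind the paragraph above, as an added illustration rather than code from any of the cited papers or tools: a validator proves that some accesses can never leave their object, and enforcement then instruments only the accesses it could not prove safe. The interval abstraction of an index, the four sample access sites, and the names used here are constructed for this example and are not the page's own analyses.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Interval abstraction of an index at one access site: every value the
 * index can take lies in [lo, hi]. known == false means the analysis
 * could not bound it at all (e.g., it came straight from input).
 * This abstraction is assumed for the example, not taken from the page. */
struct interval { size_t lo; size_t hi; bool known; };

/* One access to a fixed-size object of obj_len bytes, indexed by idx. */
struct access { const char *site; size_t obj_len; struct interval idx; };

/* Validation: an access can never violate spatial safety if its whole
 * index interval lies below the object's length. Unbounded indices are
 * never validated, so they keep their runtime check. */
static bool access_validated(const struct access *a)
{
    return a->idx.known && a->idx.hi < a->obj_len;
}

/* Instrumentation plan: mark which sites still need a runtime check and
 * return how many do. Validated sites get no check at all. */
static size_t plan_checks(const struct access *accs, size_t n, bool *needs_check)
{
    size_t remaining = 0;
    for (size_t i = 0; i < n; i++) {
        needs_check[i] = !access_validated(&accs[i]);
        if (needs_check[i])
            remaining++;
    }
    return remaining;
}

/* The check that stays at unvalidated sites: refuse out-of-bounds loads.
 * Returns 0 on success and -1 if the access would leave the object. */
static int checked_load(const unsigned char *base, size_t len, size_t idx,
                        unsigned char *out)
{
    if (idx >= len)
        return -1;
    *out = base[idx];
    return 0;
}

/* Constructed sample "program": four accesses to a 16-byte buffer, with
 * the index intervals a loop-bound / mask analysis would derive. */
#define BUF_LEN 16
static const struct access sample[] = {
    /* for (i = 0; i < BUF_LEN; i++) buf[i]  -> i in [0,15]: validated       */
    { "loop_guard",   BUF_LEN, { 0, 15, true  } },
    /* buf[hdr->offset], offset parsed from input -> unbounded: check kept   */
    { "input_index",  BUF_LEN, { 0, 0,  false } },
    /* buf[i & 7]                            -> [0,7]: validated             */
    { "masked_index", BUF_LEN, { 0, 7,  true  } },
    /* buf[i + 16] with i in [0,15]          -> [16,31]: always OOB, check kept */
    { "off_by_len",   BUF_LEN, { 16, 31, true } },
};
#define NSAMPLE (sizeof sample / sizeof sample[0])

/* Number of the sample's access sites that still need a runtime check. */
static size_t sample_checks_needed(void)
{
    bool needs[NSAMPLE];
    return plan_checks(sample, NSAMPLE, needs);
}

int main(void)
{
    bool needs[NSAMPLE];
    size_t remaining = plan_checks(sample, NSAMPLE, needs);
    for (size_t i = 0; i < NSAMPLE; i++)
        printf("%-13s %s\n", sample[i].site,
               needs[i] ? "runtime check kept" : "validated, check elided");
    printf("%zu of %zu sites instrumented\n", remaining, NSAMPLE);

    /* The kept check catches the input-driven access when it is hostile. */
    unsigned char buf[BUF_LEN] = {0}, v;
    printf("checked_load(idx=16): %d\n", checked_load(buf, BUF_LEN, 16, &v));
    return 0;
}
```

Only two of the four sample sites keep a check; the loop-guarded and masked accesses are proven safe and cost nothing at runtime, which is the performance argument for validation-driven enforcement. The fourth site shows the other payoff: an access the validator cannot prove safe because it is always out of bounds is surfaced as a candidate bug rather than silently instrumented.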
Mobile Security
We apply access control policy analysis to complex Android systems to find and fix vulnerabilities. Android now has rich, fine-grained access control enforcement, but it is difficult to determine which parts of the file system may be prone to attack. Our analysis tool, PolyScope (USENIX Security 2021), identifies the file system accesses that an adversary could exploit to launch attacks, and uses them to detect vulnerabilities. We have extended PolyScope (IEEE TDSC 2023) to reason about Android's recent Scoped Storage (IEEE S&P 2021) policies as well. We have recently shown how to connect access control policy analysis to program analysis to detect zero-day vulnerabilities through the construction and analysis of host attack graphs (IEEE SecDev 2023); this work is unique in building attack graphs within a host from its access control policies, without any known vulnerabilities, to assess the potential for zero-day attacks.
Systems Security
We have three areas of recent research on operating systems security. First, we explore techniques for automating driver isolation. We have developed the first mostly-automated approach to generating interface definition language (IDL) specifications for driver isolation (OSDI 2022), examined kernel isolation mechanisms using Extended Page Tables (VEE 2020, Best Paper), and identified threats caused by the data sharing that remains after isolation (HotOS 2023). Second, we have identified new hardware side channels, including timer-less side channels on Apple M1 processors (USENIX Security 2023) and channels that recover instruction addresses systematically (ISCA 2023). Third, we investigate file system security, including characterizing the risks of combining case-sensitive and case-insensitive file systems (FAST 2023), a combination now found on both Linux and Windows, and developing rollback-resistant file systems (OSDI 2023) that can use untrusted storage securely.